<?php
if (!isset($_GET['file'])) {
	echo 'No file provided!';
	die;
}
$file = $_GET['file'];

// Create trustable dir
$filename = sprintf("%s%s", "uploaded/".md5($file).'/', $file);
if (!is_file($filename)) {
	echo 'Unknown file! '.$file;
	die;
}
// Send correct header
header("Content-Type: application/octet-stream");
							
// Propose file name
$save_as_name = basename($file);
header("Content-Disposition: attachment; filename=\"$file\"");
							
// Read file
readfile($filename);	
?>